General

  • Target

    9df0ba8624e9edf0ef972d132213d403c0e34d7754a24449db2740207f2cc97e

  • Size

    9.8MB

  • Sample

    230914-hwvgcaab6w

  • MD5

    7b88feb63c5e6e010008e7244149a529

  • SHA1

    3a7000d176cb1f014efb5bb81b585d6b265e849b

  • SHA256

    9df0ba8624e9edf0ef972d132213d403c0e34d7754a24449db2740207f2cc97e

  • SHA512

    08cdb724391a0907f17c360f76bca6c18268848deab74ff31a3b41e338611d35a1eec851feef28b1bf46bf9a146e8bef33330ab54e1d64fed83c76d65a8023ec

  • SSDEEP

    196608:iBzclOEC4iD1rgKErPJjkZc+35hio2Jp2mSCpfUO+x8pFjV5FPggQvOQs28:r7nKoeZJ3F+tp803FoJvc28

Targets

    • Target

      9df0ba8624e9edf0ef972d132213d403c0e34d7754a24449db2740207f2cc97e

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
